Class RequestMatcherMetadataResponseResolver

java.lang.Object
    org.springframework.security.saml2.provider.service.web.metadata.RequestMatcherMetadataResponseResolver

- All Implemented Interfaces: Saml2MetadataResponseResolver
- Direct Known Subclasses: RequestMatcherMetadataResponseResolver

public class RequestMatcherMetadataResponseResolver
extends Object
implements Saml2MetadataResponseResolver

An implementation of Saml2MetadataResponseResolver that identifies which RelyingPartyRegistrations to use with a RequestMatcher.

- Since: 6.1

Constructor Summary

| Constructor | Description |
| --- | --- |
| RequestMatcherMetadataResponseResolver(RelyingPartyRegistrationRepository registrations, Saml2MetadataResolver metadata) | Construct a RequestMatcherMetadataResponseResolver |

Method Summary

| Modifier and Type | Method | Description |
| --- | --- | --- |
| Saml2MetadataResponse | resolve(jakarta.servlet.http.HttpServletRequest request) | Construct and serialize a relying party's SAML 2.0 metadata based on the given HttpServletRequest. |
| void | setMetadataFilename(String metadataFilename) | Sets the metadata filename template. |
| void | setRequestMatcher(RequestMatcher requestMatcher) | Use this RequestMatcher to identify which requests to generate metadata for. |

Constructor Details

RequestMatcherMetadataResponseResolver

public RequestMatcherMetadataResponseResolver(RelyingPartyRegistrationRepository registrations, Saml2MetadataResolver metadata)

Construct a RequestMatcherMetadataResponseResolver

- Parameters:
  registrations - the source for relying party metadata
  metadata - the strategy for converting RelyingPartyRegistrations into metadata

Method Details

resolve

Construct and serialize a relying party's SAML 2.0 metadata based on the given HttpServletRequest. Uses the configured RequestMatcher to identify the metadata request, including looking for any indicated registrationId.

If a registrationId is found in the request, it will attempt to use that, erroring if no RelyingPartyRegistration is found.

If no registrationId is found in the request, it will attempt to show all RelyingPartyRegistrations in an <md:EntitiesDescriptor>. To exercise this functionality, the provided RelyingPartyRegistrationRepository needs to implement Iterable.

- Specified by: resolve in interface Saml2MetadataResponseResolver
- Parameters:
  request - the HTTP request
- Returns: a Saml2MetadataResponse instance
- Throws:
  Saml2Exception - if the RequestMatcher specifies a non-existent registrationId

setRequestMatcher

Use this RequestMatcher to identify which requests to generate metadata for. By default, matches /saml2/metadata, /saml2/metadata/{registrationId}, /saml2/service-provider-metadata, and /saml2/service-provider-metadata/{registrationId}.

- Parameters:
  requestMatcher - the RequestMatcher to use

setMetadataFilename

Sets the metadata filename template. If it contains the {registrationId} placeholder, it will be resolved as a random UUID if there are multiple RelyingPartyRegistrations. Otherwise, it will be replaced by the RelyingPartyRegistration's id.

The default value is saml-{registrationId}-metadata.xml

- Parameters:
  metadataFilename - metadata filename, must contain a {registrationId}
